Protection & Endpoints
Learn how to manage endpoints.
What is an endpoint?
An endpoint has 3 main properties:
- traffic source: it indicates the origin of the traffic directed to the endpoint
- traffic usage: it indicates the functional context of the resources included in the endpoint, to separate different parts of your website and/or mobile app
- name: a name of your choice, to identify the traffic directed to the endpoint in the dashboard
Fine-grained protection
DataDome uses the traffic source and traffic usage parameters to apply the right algorithms and detect specific threats.
Traffic sources
We define the following values for the sources:
Value | Description |
---|---|
Web Browsers | requests coming from all browsers (mobile or desktop) on websites or APIs |
Mobile Apps | requests coming from mobile apps (iOS, Android) on APIs |
APIs | automated requests coming from machines or scripts on APIs |
Traffic usages
We currently offer the following usages:
Name | Description | Examples | HTTP methods |
---|---|---|---|
General | Default endpoint type. All URLs that are not included in another endpoint configuration. | domain.com/ | All |
Login | Login, account creation or forgot password forms. | domain.com/login, domain.com/signup, domain.com/forget | All |
Forms | All URLs with forms, such as password forms or troubleshooting forms, except the Account Creation form. | domain.com/contact, domain.com/report, domain.com/comments | All |
Account Creation | All URLs related to account creation on a website/app | domain.com/signup, domain.com/account/signup | All |
Cart | All URLs related to the basket on an e-commerce website | domain.com/cart, domain.com/add-to-cart | All |
Payment | All URLs related to payment processing on an e-commerce website/app | domain.com/payment, domain.com/checkout | All |
RSS | RSS/Atom feeds fetched by a desktop application or an online aggregator. | domain.com/feed.json, domain.com/rss.xml | All |
How to manage endpoints?
Deleted endpoint visualization
If you have just deleted an endpoint, you can still see it in the analytics screens of the dashboard if it matched traffic over the past 30 days. After the 30-day period, the deleted endpoint no longer appears on the analytics screens.
Default endpoint
By default, one endpoint is pre-set in your account: “Web (default)”.
The endpoint “Web (default)” cannot be reordered or deleted.
Go to Management > Endpoints
A list of endpoints connected to your account is displayed.
Endpoints are matched in top-down order: for a given request, the first matching endpoint is chosen. Changing the order of the list therefore changes the matching priorities.
Admin view
Editor view
Protection status legend
Roles & actions
Role | Add | Edit | Reorder | Activate/deactivate protection | Activate/deactivate detection |
---|---|---|---|---|---|
Admin | YES | YES | YES | YES | YES |
Editor | - | - | - | - | - |
Viewer | - | - | - | - | - |
Endpoint set-up
To set up an endpoint, several pieces of information are requested.
General information
Field | Mandatory/Optional | Explanation |
---|---|---|
Name | Mandatory | A unique label to identify the endpoint |
Description | Optional | A free text description |
Traffic source | Mandatory | See Traffic Sources |
Traffic usage | Mandatory | See Traffic Usages |
DataDome's cookie SameSite | Mandatory | The value of the "SameSite" attribute set for DataDome's cookie. By default "Lax", it can also be set to "Strict" or "None". |
Response format | Mandatory | The content type of DataDome response sent to the requester in case of detection (Device Check, CAPTCHA or block page). It can be set to "AUTO", "HTML" or "JSON". By default, it is set to "AUTO". |
Traffic identification
Two methods can be used to identify the endpoint traffic. The two methods described below are mutually exclusive: they cannot both be used at the same time for a given endpoint.
1. Traffic query
Traffic matching an endpoint can be defined using a single traffic query. The list of available fields and the syntax guidelines are described in the traffic queries syntax user guide.
Case sensitivity
Traffic queries for endpoint definitions are case-insensitive. All the values in the queries must be expressed in lowercase characters.
2. Regex on URL and UA
Traffic matching an endpoint can also be identified by defining regex conditions (following the PCRE regular expression syntax) for at least one of the following elements:
- Domain inclusion
- URL path inclusion
- URL path exclusion
- User Agent inclusion
For example, the following pattern matches any relevant path for payment:
^(https?:\/\/)?([\w.-]+)\.(\w+)(\/[\w.-]*)*\/(pay|payment|checkout|purchase|order)(\/|$|\?)
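An added example (not DataDome's code) that models the top-down, first-match ordering described under Management > Endpoints together with the payment pattern above, and audits constructed sample URLs against two orderings. The `Storefront` endpoint, its catch-all pattern, the sample URLs, matching against the host-plus-path string, and the use of Python's `re` in place of PCRE are assumptions for illustration.

```python
import re

# Payment pattern copied from the page.
PAYMENT_RE = r"^(https?:\/\/)?([\w.-]+)\.(\w+)(\/[\w.-]*)*\/(pay|payment|checkout|purchase|order)(\/|$|\?)"

# Hypothetical catch-all pattern (assumption): any URL under any host.
CATCH_ALL_RE = r"^(https?:\/\/)?[\w.-]+\.\w+(\/|$)"

DEFAULT = "Web (default)"  # the pre-set endpoint named on the page


def resolve(endpoints, url):
    """Return the name of the first endpoint, top-down, whose pattern matches."""
    for name, pattern in endpoints:
        if re.search(pattern, url):
            return name
    return DEFAULT


def audit(endpoints, samples):
    """Return (url, expected, actual) for each sample that lands on another endpoint."""
    return [(url, expected, resolve(endpoints, url))
            for url, expected in samples
            if resolve(endpoints, url) != expected]


# Constructed sample URLs, each with the endpoint it is meant to reach.
SAMPLES = [
    ("domain.com/payment", "Payment"),
    ("domain.com/checkout", "Payment"),
    ("https://shop.domain.com/en/checkout?step=2", "Payment"),
    ("domain.com/order/123", "Payment"),
    ("domain.com/payments", "Storefront"),    # "payments" is not a listed segment
    ("domain.com/orders/123", "Storefront"),  # neither is "orders"
    ("domain.com/cart", "Storefront"),
]

# "Storefront" is a hypothetical endpoint name used only in this example.
GOOD_ORDER = [("Payment", PAYMENT_RE), ("Storefront", CATCH_ALL_RE)]
BAD_ORDER = [("Storefront", CATCH_ALL_RE), ("Payment", PAYMENT_RE)]

if __name__ == "__main__":
    print("specific endpoint first:", audit(GOOD_ORDER, SAMPLES))
    for url, expected, actual in audit(BAD_ORDER, SAMPLES):
        print(f"catch-all first: {url} expected {expected}, got {actual}")
```

With the catch-all listed first, every payment URL resolves to `Storefront`, so the Payment endpoint never receives traffic; running such an audit before reordering the list shows which endpoints a change would shadow.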
How to analyze traffic?
The percentage of traffic is indicated for each endpoint. It includes normal users and bots and is calculated over the last 20 minutes.
You can analyze the endpoint’s traffic by clicking on Actions > View Traffic Details to display the following information:
- An overview of the last 24 hours with the number of requests, URLs and IPs, the top 2 IP owners, and the top 3 UAs.
- The last 100 requests.
You can also analyze the traffic through the "Explore" view (read more about the Explore view).
Updated 4 days ago